Comparison

mod_http_upload_external/share_v2.php @ 3162:3797be8f491f

share_v2.php: Fix syntax errors
author Matthew Wild <mwild1@gmail.com>
date Mon, 02 Jul 2018 12:55:43 +0100
parent 3161:887a8100343a
child 3163:31b85864a615
comparison
equal deleted inserted replaced
3161:887a8100343a 3162:3797be8f491f
85 header('HTTP/1.0 400 Bad Request'); 85 header('HTTP/1.0 400 Bad Request');
86 exit; 86 exit;
87 } 87 }
88 88
89 $calculated_token = hash_hmac('sha256', "$upload_file_name\0$upload_file_size\0$upload_file_type", $CONFIG_SECRET); 89 $calculated_token = hash_hmac('sha256', "$upload_file_name\0$upload_file_size\0$upload_file_type", $CONFIG_SECRET);
90 if(function_exists('hash_equals') { 90 if(function_exists('hash_equals')) {
91 if(hash_equals($calculated_token, $upload_token) !== TRUE) { 91 if(hash_equals($calculated_token, $upload_token) !== TRUE) {
92 header('HTTP/1.0 403 Forbidden'); 92 header('HTTP/1.0 403 Forbidden');
93 exit; 93 exit;
94 } 94 }
95 } 95 }
127 $mime_type = 'application/octet-stream'; 127 $mime_type = 'application/octet-stream';
128 } 128 }
129 header('Content-Disposition: attachment'); 129 header('Content-Disposition: attachment');
130 header('Content-Type: '.$mime_type); 130 header('Content-Type: '.$mime_type);
131 header('Content-Length: '.filesize($store_file_name)); 131 header('Content-Length: '.filesize($store_file_name));
132 header('Content-Security-Policy: "default-src \'none\'"'); 132 header("Content-Security-Policy: \"default-src 'none'\"");
133 header('X-Content-Security-Policy: "default-src \'none\'"'); 133 header("X-Content-Security-Policy: \"default-src 'none'\"");
134 header('X-WebKit-CSP: "default-src 'none'"'); 134 header("X-WebKit-CSP: \"default-src 'none'\"");
135 if($request_method !== 'HEAD') { 135 if($request_method !== 'HEAD') {
136 readfile($store_file_name); 136 readfile($store_file_name);
137 } 137 }
138 } else { 138 } else {
139 header('HTTP/1.0 404 Not Found'); 139 header('HTTP/1.0 404 Not Found');